🔥 WARNING — Hackers are abusing a weakness in Citrix NetScaler devices to launch amplified 🚀 DDoS attacks against several targets.
Read details ➤ https://thehackernews.com/2020/12/citrix-adc-ddos-attack.html
Affected Citrix customers can temporarily disable DTLS to stop the attack.
Microsoft warns of hackers attempting to target Azure cloud customers via 3rd-party partners/resellers.
https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html
CrowdStrike & CISA released 2 tools to help users review excessive permissions & detect compromised accounts/apps in AD or Office 365 environments.
In a nationwide cyber crackdown, UK police arrest 21 customers of the now-defunct 'WeLeakInfo' website who allegedly bought breached personal data for criminal activities.
Read more: https://thehackernews.com/2020/12/police-arrest-21-weleakinfo-customers.html
IMPORTANT: Patch it ASAP!
A newly spotted SolarWinds Orion API authentication bypass flaw allows remote attackers to execute commands and was likely also exploited as 0-day to install the 2nd backdoor 'SUPERNOVA.'
Details: https://thehackernews.com/2020/12/a-new-solarwinds-flaw-likely-had-let.html
Account Takeover via login with OTP 🏆
https://medium.com/@surajbhosale_67721/account-takeover-via-login-with-otp-ba4a33fb1b6f
#mehran_p51
Hello Guys, I am Suraj Bhosale from Maharashtra, India. It’s my first bug bounty write-up which allowed a malicious user to take over any…
💢21 members of WeLeakInfo site arrested.
👨🏻💻21 people across the UK have been arrested by police as part of a high-profile cybercriminal who is a former client and top admin of WeLeakInfo.com.
The NCA said: "The suspects are using stolen personal funds to commit more cybercrimes and fraud. Out of 21 wanted persons, 18 have been arrested, all of whom are between 18 and 38 years old, and 41,000 in Bitcoin was seized in the process."
Earlier this January, the FBI, the NCA, the Dutch National Cyber Force, the German Bundescriminal and the Northern Ireland Police jointly took over the Weleakinfo.com domain.
The service was launched in 2017 and sold more than 12 billion stolen data records, including names, email addresses, usernames, phone numbers and passwords for online accounts.
"Cybercriminals are well aware that people repeat their passwords on multiple sites, giving scammers the opportunity to exploit them," said Paul Crawfield of the NCA.
@World_Of_Security 🌐
Account Takeover via Web Cache Poisoning based Reflected XSS
https://lutfumertceylan.com.tr/posts/acc-takeover-web-cache-xss/
#mehran_p51
Lütfü Mert Ceylan
Firstly, it's nice to publish my last write-up this year. In June of this year, I found a Reflected XSS vulnerability in a video-game company. Then, I realized that this server is caching the weak parameter's value. In this way, I increased the…
🔥 BREAKING: British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange on charges pertaining to illegally obtaining & sharing classified material related to national security.
https://thehackernews.com/2021/01/british-court-rejects-us-request-to.html
Google's Own Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA Security Plugin — With 97% Accuracy.
Read Details: https://thehackernews.com/2021/01/google-speech-to-text-api-can-help.html
Cyberattacks targeting healthcare organizations have spiked by 45% since November 2020 as COVID19 cases continue to increase globally.
Read: https://thehackernews.com/2021/01/healthcare-industry-witnessed-45-spike.html
WATCH OUT!!!
A widespread Electron and Golang-based cross-platform RAT malware is targeting cryptocurrency users with 'undetected' trojanized apps for Windows, Linux, and macOS systems.
Details: https://thehackernews.com/2021/01/warning-cross-platform-electrorat.html
In a joint statement, FBI, CISA, NSA officially blamed the Russian government for orchestrating the massive SolarWinds supply chain cyberattack.
https://thehackernews.com/2021/01/fbi-cisa-nsa-officially-blames-russia.html
WhatsApp updated its Privacy Policy and Terms of Services, making data-sharing with Facebook mandatory for all.
IMPORTANT — You must accept it before February 8; otherwise, your account will be DELETED.
Details: https://thehackernews.com/2021/01/whatsapp-will-delete-your-account-if.html
U.S. Department of Justice admits its Microsoft Office 365 email server was also compromised as part of the SolarWinds supply chain attack.
Read details: https://thehackernews.com/2021/01/solarwinds-hackers-also-accessed-us.html
ALERT: A North Korean hacking group is targeting the South Korean government with a new spear-phishing campaign deploying RokRat Trojan.
Read: https://thehackernews.com/2021/01/alert-north-korean-hackers-targeting.html
🔥 A new side-channel attack (CVE-2021-3011) could let hackers extract your secret 2-factor authentication encryption keys from Google Titan, or other FIDO-enabled hardware security keys, and clone them for unauthorized access.
Read details — https://thehackernews.com/2021/01/new-attack-could-let-hackers-clone-your.html
NTFS Remote Code Execution (CVE-2020-17096) Analysis
https://blog.zecops.com/vulnerabilities/ntfs-remote-code-execution-cve-2020-17096-analysis/
#mehran_p51
Android Security
Supplementary material for Android Trainings:
1) Deep Dive Android
2) Xtreme Android Hacking
3) Android Pentesting
https://github.com/anantshri/Android_Security
#mehran_p51
This repository is supplementary material for Android trainings done by Anant Shrivastava from 2012-2017 - anantshri/Android_Security
Russian hacker 'Andrei Tyurin' gets 12 years in prison for the massive J.P. Morgan Chase hack & stealing a trove of personal information from several other financial institutions, brokerage firms, and financial news publishers.
Read: https://thehackernews.com/2021/01/russian-hacker-gets-12-years-prison-for.html